lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZyxUTT8t28XUkk4x@infradead.org>
Date: Wed, 6 Nov 2024 21:46:53 -0800
From: Christoph Hellwig <hch@...radead.org>
To: Luis Chamberlain <mcgrof@...nel.org>
Cc: Peter Zijlstra <peterz@...radead.org>, x86@...nel.org, hpa@...or.com,
	petr.pavlu@...e.com, samitolvanen@...gle.com, da.gomez@...sung.com,
	masahiroy@...nel.org, nathan@...nel.org, nicolas@...sle.eu,
	linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
	linux-kbuild@...r.kernel.org, hch@...radead.org,
	gregkh@...uxfoundation.org
Subject: Re: [RFC] module: Strict per-modname namespaces

On Wed, Nov 06, 2024 at 03:42:03PM -0800, Luis Chamberlain wrote:
> > This allows exports targeted at specific modules and no others -- one
> > random example included. I've hated the various kvm exports we've had
> > for a while, and strictly limiting them to the kvm module helps
> > alleviate some abuse potential.
> 
> Yeah we also want:
> 
> EXPORT_SYMBOL_NS_GPL(bdev_disk_changed, MODULE_loop);
> EXPORT_SYMBOL_NS_GPL(bdev_disk_changed, MODULE_dasd_kmod);
> 
> But we might as well have EXPORT_SYMBOL_GPL_FOR() with the implied
> module list. We could then add just:
> 
> 
> EXPORT_SYMBOL_GPL_FOR(bdev_disk_changed, loop);
> 
> But it would be nice to just also support this as well:
> 
> EXPORT_SYMBOL_GPL_FOR(bdev_disk_changed, loop, dasd_kmod);

Parsing a variable length list in a single macro tends to be a bit
of a pain, and I don't think there is much benefit.  Most of the cases
should be exactly one module.  If we can cover the small uses of
multiple uses with multiple exports I think its perfectly fine, and if
we can't cover it at all I can probably live with that aswell.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ